projects
/
project
/
firewall3.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Properly handle per zone user chain rules by fixing multiple logic errors
[project/firewall3.git]
/
options.h
diff --git
a/options.h
b/options.h
index
7881375
..
1054658
100644
(file)
--- a/
options.h
+++ b/
options.h
@@
-70,16
+70,17
@@
enum fw3_target
FW3_TARGET_NOTRACK = 9,
FW3_TARGET_DNAT = 10,
FW3_TARGET_SNAT = 11,
FW3_TARGET_NOTRACK = 9,
FW3_TARGET_DNAT = 10,
FW3_TARGET_SNAT = 11,
- FW3_TARGET_CUSTOM_CHAINS = 12, /* alias to FW3_DEFAULT_CUSTOM_CHAINS */
+ FW3_TARGET_CUSTOM_CNS_V4 = 12,
+ FW3_TARGET_CUSTOM_CNS_V6 = 13,
};
enum fw3_default
{
FW3_DEFAULT_UNSPEC = 0,
};
enum fw3_default
{
FW3_DEFAULT_UNSPEC = 0,
- FW3_DEFAULT_CUSTOM_CHAINS = 1
2
,
- FW3_DEFAULT_SYN_FLOOD = 1
3
,
- FW3_DEFAULT_MTU_FIX = 1
4
,
- FW3_DEFAULT_DROP_INVALID = 1
5
,
+ FW3_DEFAULT_CUSTOM_CHAINS = 1
4
,
+ FW3_DEFAULT_SYN_FLOOD = 1
5
,
+ FW3_DEFAULT_MTU_FIX = 1
6
,
+ FW3_DEFAULT_DROP_INVALID = 1
7
,
};
extern const char *fw3_flag_names[FW3_DEFAULT_DROP_INVALID + 1];
};
extern const char *fw3_flag_names[FW3_DEFAULT_DROP_INVALID + 1];
@@
-170,7
+171,7
@@
struct fw3_protocol
bool any;
bool invert;
bool any;
bool invert;
- uint
16
_t protocol;
+ uint
32
_t protocol;
};
struct fw3_port
};
struct fw3_port
@@
-238,7
+239,7
@@
struct fw3_defaults
bool disable_ipv6;
bool disable_ipv6;
- uint
16
_t flags;
+ uint
32
_t flags;
};
struct fw3_zone
};
struct fw3_zone
@@
-274,8
+275,11
@@
struct fw3_zone
bool custom_chains;
bool custom_chains;
- uint16_t src_flags;
- uint16_t dst_flags;
+ uint32_t src_flags;
+ uint32_t dst_flags;
+
+ uint32_t running_src_flags;
+ uint32_t running_dst_flags;
};
struct fw3_rule
};
struct fw3_rule
@@
-393,7
+397,7
@@
struct fw3_ipset
const char *external;
const char *external;
- uint
16
_t flags;
+ uint
32
_t flags;
};
struct fw3_include
};
struct fw3_include